« Back to Threat Assessment « Previous Threat | Next Threat »

DNS Query to DynDNS Domain *.ddns .net detected in 2017-11-21-traffic-analysis-exercise-2-of-6.pcap

Time Packet Protocol Source Destination Additional Threats
2017/11/21 00:13:58 +0000 15183 DNS / udp 10.192.1.157:59447 10.192.1.1:53 source | dest | ip pair

Payload (37 bytes) show as: hex | ascii | follow stream

00000000 00000010 00000020
c0 76 01 00 00 01 00 00  00 00 00 00 0a 62 6c 61 63 6b 68 69 6c 6c 73 04  64 64 6e 73 03 6e 65 74 00 00 01 00 01  
.v...... .....bla ckhills. ddns.net .....

1 Alert

Alerts provided by Emerging Threats 2022-04-08
Signature Category SID.rev Rule Set
2 DNS Query to DynDNS Domain *.ddns .net Potentially Bad Traffic 2028675.2 ET POLICY

External References

The following URLs have been provided as references for some of the alerts found in this capture file. These links are not maintained by CloudShark and will redirect outside of the application.

Community ID

Community ID is an open standard for hashing network flows into identifiers and can be used to correlate connections across different tools.

Zeek: conn.log: 1:+2Vo4VDdWQtMB2XfM0slHziqf8Q=